<div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Feb 8, 2019 at 12:42 PM Dimitris Zacharopoulos (HARICA) <<a href="mailto:dzacharo@harica.gr">dzacharo@harica.gr</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF">
<br>
<br>
<div class="gmail-m_5467592626411020959moz-cite-prefix">On 8/2/2019 6:34 μ.μ., Ryan Sleevi
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div dir="ltr"><br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Fri, Feb 8, 2019 at 3:19
AM Dimitris Zacharopoulos (HARICA) via Public <<a href="mailto:public@cabforum.org" target="_blank">public@cabforum.org</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF"> <br>
I made the following updates in addition to Wayne's:<br>
<ul>
<li>Added a process for Interested Party application to
CWGs as it seemed to be missing from the Bylaws. The
only reference we currently have is on the web site (<a class="gmail-m_5467592626411020959gmail-m_-4808100141065309621moz-txt-link-freetext" href="https://cabforum.org/email-lists/" target="_blank">https://cabforum.org/email-lists/</a>).</li>
<li>For the Server Certificate Working Group membership
criteria, I tried to align with section 8.4 of the
BRs.<br>
</li>
</ul>
</div>
</blockquote>
<div>
<div>I'm hoping this is unintentional, but this is not a
good change. This has been discussed repeatedly in the
Forum, and moving to a more restrictive policy for
membership in the charter has been regularly rejected.</div>
</div>
</div>
</div>
</blockquote>
<br>
I don't recall Members being against it for membership criteria,
because it was discussed in the past without objections. This was
for consistency with ETSI because ETSI EN 319 411-1 includes the
baseline requirements and network security guidelines where WebTrust
for CAs does not. This change better aligns the two schemes and was
discussed in <a href="https://cabforum.org/2018/05/16/ballot-223-update-br-section-8-4-for-caaudit-criteria/" target="_blank">ballot
223</a>. Do other Members have similar concerns with this issue? I
would appreciate it if others can also state their objection and
concerns with this change.<br></div></blockquote><div><br></div><div>I'll dig up the multiple past discussions of concerns.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div bgcolor="#FFFFFF"><blockquote type="cite">
<div dir="ltr">
<div class="gmail_quote">
<div>My hope is that, as proposer of those changes on the doc,
you can go through and reject them or update them to ensure
that our current approach for the SCWG remains as is.</div>
</div>
</div>
</blockquote>
<br>
Can you explain why there should be a difference between the
Baseline Requirements section 8.4 and the server certificate working
group membership criteria? Since these are accepted in the BRs, it
makes sense to me to also be updated in the Membership criteria for
the Server Certificate Working Group.<br></div></blockquote><div><br></div><div>I'll dig up the multiple past discussions of concerns. <br></div><div><br></div></div></div>